Greetings, * Neha Sharma (neha.sha...@enterprisedb.com) wrote: > I have observed that even if the user does not have permission on a > table(created in by some other user),the function parameter still can have > a parameter of that table_column%type.
This is because the creation of the table also creates a type of the same name and the type's permissions are independent of the table's. I imagine that you could REVOKE USAGE ON TYPE from the type and deny access to that type if you wanted to. I'm not sure that we should change the REVOKE on the table-level to also mean to REVOKE access to the type automatically (and what happens if you GRANT the access back for the table..? Would we need to track that dependency?) considering that's been the behavior for a very long time. Thanks! Stephen
signature.asc
Description: Digital signature
